[ignoramous]

> That is why high security systems designed for multi-level security for shared tenants

When you say "high security" do you mean Confidential Computing workloads run by Trusty (Enclave) / Virtee (Realm) etc? If so, aren't these system limited in what they can do, as in, there usually is another full-blown OS that's running the user-facing bits?

> that need to protect against state actors

This is a very high bar for a software-only solution (like a microkernel) to meet? In my view, open hardware specification, like OpenTitan, in combination with small-ish software TCB, make it hard for state actors (even if not impossible).

[Veserv]

No. I am talking about multi-level security [1] which allows a single piece of hardware to handle top secret and unclassified materials simultaneously via software protection. This protection is limited to software attempts to access top secret materials from the unclassified domain; hardware and physical attacks are out-of-scope.

There have been many such systems verified to be secure against state actors according to the TCSEC Orange Book Level A1 standard and the subsequent Common Criteria SKPP standard which requires both full formal proofs of security and explicitly requires the NSA to identify zero vulnerabilities during a multi-month penetration test before allowing usage in NSA and DoD systems.

[1] https://en.wikipedia.org/wiki/Multilevel_security